1. Technical Field
The present invention relates to a network system, a certificate management method, and a certificate management program, and more particularly to, a network system, a certificate management method, and a certificate management program that resets the certificate quickly, easily, and inexpensively.
2. Background Art
With the diffusion of networks such as the Internet, data communications can now be conducted using wired- and/or wireless-type networks. Such network-based data communications require protection from tampering such as data falsification, spoofing, or the like.
Typically, an image processing apparatus located at an end-user site is connected to a management-purpose information processing apparatus located at a vendor site (e.g., manufacturer of apparatus, maintenance service provider, etc.) via a network such as the Internet. The user site may be a business office, which may use copiers, printers, facsimiles, and multi-functional peripherals such as image processing apparatuses. The vendor site may include management-purpose information processing apparatuses to monitor image processing apparatuses located at user sites via the Internet. Specifically, in such a configuration, an image processing apparatus at a user site and a management-purpose information processing apparatus may communicate data used for managing the image processing apparatus. Because the management-purpose information processing apparatus may be located remotely from the user site, such configurations may be termed remote monitoring systems, which monitor the image processing apparatus remotely and provide services such as maintenance at predetermined regular intervals or under certain specific circumstances.
Such remote monitoring/management systems may need to communicate classified information such as service fee data, user personal data, or the like, as management data. Accordingly, it is necessary to prevent tampering with such data such as data falsification and/or spoofing.
Typically, such remote monitoring/management systems employ encryption to prevent such data falsification and/or spoofing. For example, image processing apparatuses at user sites or user-side management-purpose information processing apparatuses may communicate with a vendor-side management-purpose information processing apparatus by employing a mutual authentication process using encryption such as secure socket layer (SSL), for example.
Such SSL communication for remote monitoring systems may employ an encryption system such as a private/public key system for data communication. For example, a vendor-side management-purpose information processing apparatus keeps a private key, and a user-side management-purpose information processing apparatus or an image processing apparatus at the user site keeps a public key. Further, the vendor-side apparatus and the user-side apparatus use a common key certificate encoded by a common private key issued by a certificate authority to verify the identity of a data-transmission sender. With such a configuration, tampering such as data falsification and/or spoofing can be prevented, and data security can be enhanced.
However, to use such certificate system on a network connecting a number of apparatuses, the certificate needs to be set up at each apparatus. Therefore, if the number of apparatuses connected to the network increases to hundreds or thousands, the construction of an environment that can support certificate use entails greater costs not only initially but also for ongoing maintenance and management of the certificates.
In a conventional certificate distribution system, the setting-use private key/certificate can be provided for each of setting-target apparatuses and a management terminal apparatus in advance, and then the verification process and key sharing are conducted, and communications are protected by encoding. Upon completing the setting, the setting-use private key/certificate provided for the setting-target apparatuses are then deleted, thereby disabling the setting-use private key/certificate.
In such conventional certificate management method, upon completing the setting by using the setting-use private key/certificate, secure communication can be obtained. However, for example, when the expiry date of the certificate approaches and the certificate must be reset, because the setting-use private key/certificate have been deleted, the resetting of the certificate cannot be conducted with the same process as the initial introduction of private key/certificate.
In view of such problem, a method of not deleting the setting-use private key and certificate is disclosed in JP-2005-175992-A, in which the setting-use key and certificate are not deleted, and an operation mode flag is set for a setting-target apparatus. The certificate is reset using the setting-use private key/certificate in the setting mode, and then the mode is switched to the operating mode, thereby disabling the setting-use private key/certificate.
However, when the certificate expires and must be reset, the resetting of the certificate cannot be conducted in the same way as the initial introduction of the private key/certificate. As a result, while the current certificate is being maintained, the new certificate cannot be installed, making the certificate updating process inconvenient and costly.